从 SID 获取用户名的 Python ldap3 代码 [英] Python ldap3 code to get username from SID
本文介绍了从 SID 获取用户名的 Python ldap3 代码的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我在共享的 Windows 服务器上有一个用户的 SID 字符串(例如,S-1-5-21-500000003-1000000000-1000000003-1001"),我需要获取相关的用户名.
我想这可以通过以下方式实现:
- 将 SID 字符串转换为字节数组.
- 使用合适的
ldpa查询来获取相关用户名.
但我没有找到准确可靠的操作说明(以这种方式或其他方式).
我会感谢任何有用的指南,特别是如果它带有演示 Python (ldap3) 代码.
解决方案
def unsigned_number_to_slashed_byte_array_string(number, little_endian,digits_count):"""将给定的无符号数转换为一个字符串,以给定顺序(小端或大端)将其表示为字节序列.如果字符串中的总位数大于给定的位数,则该字符串左填充零.每个这样的字节由一个子字符串表示,该子字符串由前面的斜杠字符后跟两个(大写)十六进制数字(例如,\0A")组成.:param number: 一个无符号的非负整数.:param little_endian:表示是否请求小端顺序的标志;否则,选择大端顺序.:paramdigits_count:生成的可能左填充的字符串中十六进制数字的总数,是字节数的两倍.:except ValueError: 如果给定数字不是非负数,或者给定数字计数不是正偶数.:return: 将给定数字表示为按给定顺序的字节序列的字符串."""如果数字<0: raise ValueError("{0}: Argument number must be an non-negative! ({1})".format(func_name(), number))if (digits_count <= 0) or ((digits_count % 2) != 0): raise ValueError("{0}: Argument digits_count must be an even positive! ({1})".format(func_name(),digits_count))zero_padded_hex_number_str = "{0:0{1}X}".format(number,digits_count) # 格式:无前导0x",零填充digits_count 个数字(或halfdigits_count 个字节),大写十六进制字母.number_byte_array_str = ""byte_starter_digits_indices_list = range(len(zero_padded_hex_number_str))[::2]如果 little_endian: byte_starter_digits_indices_list = reversed(byte_starter_digits_indices_list)对于 byte_starter_digits_indices_list 中的 byte_starter_digit_index:number_byte_array_str = "{0}\{1}".format(number_byte_array_str, zero_padded_hex_number_str[byte_starter_digit_index:(byte_starter_digit_index + 2)])返回 number_byte_array_strdef sid_str_to_byte_array_str(sid_str):""":param sid_str:活动目录 SID 字符串(例如,S-1-5-21-1241979920-1440912824-1533017923-1106").:return: 将给定 SID 字符串表示为字节数组字符串的字符串(例如,\01\05\00\00\00\00\00\05\15\00\00\00\10\1C\07\4A\B8\95\E2\55\43\FF\5F\5B")."""dashes_count = sid_str.count("-")sid_numbers_str = sid_str[2:] # 去掉前面的S-"sid_number_strings = sid_numbers_str.split("-")sid_numbers = [int(sid_number_string) for sid_number_string in sid_number_strings]sid_byte_array_str = unsigned_number_to_slashed_byte_array_string(sid_numbers[0], True, 2)sid_byte_array_str += unsigned_number_to_slashed_byte_array_string((dashes_count - 2), True, 2)sid_byte_array_str += unsigned_number_to_slashed_byte_array_string(sid_numbers[1], False, 12)sid_byte_array_str += unsigned_number_to_slashed_byte_array_string(sid_numbers[2], True, 8)sid_byte_array_str += unsigned_number_to_slashed_byte_array_string(sid_numbers[3], True, 8)sid_byte_array_str += unsigned_number_to_slashed_byte_array_string(sid_numbers[4], True, 8)sid_byte_array_str += unsigned_number_to_slashed_byte_array_string(sid_numbers[5], True, 8)返回 sid_byte_array_strI have a SID string (e.g., "S-1-5-21-500000003-1000000000-1000000003-1001") of a user on a shared Windows server, and I need to get the related username.
I suppose that this may be achieved by:
- Turning the SID string into byte array.
- Using a suitable
ldpaquery to get the related username.
But I failed to find exact and reliable instructions of how to do it (this way or another).
I'll appreciate any useful guide, especially if it comes with demo Python (ldap3) code.
解决方案
def unsigned_number_to_slashed_byte_array_string(number, little_endian, digits_count):
"""
Convert given unsigned number into a string that represents it as a sequence of bytes in given order (either little or big Endian).
In case the total number of digits in the string is greater than given digits count, the string is left-padded with zeroes.
Each such byte is represented by a substring that's composed of a preceding slash character followed by two (uppercase) hexadecimal digits (e.g., "\0A").
:param number: An unsigned non-negative integer.
:param little_endian: A flag that says whether little Endian order is requested; otherwise, big Endian order is selected.
:param digits_count: The total count of hexadecimal digits in the resulting possibly left-padded string, which is twice the number of bytes.
:except ValueError: In case given number isn't a non-negative number, or given digits count isn't a positive even number.
:return: A string that represents given number as a sequence of bytes in given order.
"""
if number < 0: raise ValueError("{0}: Argument number must be a non-negative! ({1})".format(func_name(), number))
if (digits_count <= 0) or ((digits_count % 2) != 0): raise ValueError("{0}: Argument digits_count must be an even positive! ({1})".format(func_name(), digits_count))
zero_padded_hex_number_str = "{0:0{1}X}".format(number, digits_count) # Format: no leading "0x", zero-padded digits_count digits (or half digits_count bytes), uppercase hexadecimal letters.
number_byte_array_str = ""
byte_starter_digits_indices_list = range(len(zero_padded_hex_number_str))[::2]
if little_endian: byte_starter_digits_indices_list = reversed(byte_starter_digits_indices_list)
for byte_starter_digit_index in byte_starter_digits_indices_list:
number_byte_array_str = "{0}\{1}".format(number_byte_array_str, zero_padded_hex_number_str[byte_starter_digit_index:(byte_starter_digit_index + 2)])
return number_byte_array_str
def sid_str_to_byte_array_str(sid_str):
"""
:param sid_str: An active-directory SID string (e.g., "S-1-5-21-1241979920-1440912824-1533017923-1106").
:return: A string that represents given SID string as a byte array string (e.g., "\01\05\00\00\00\00\00\05\15\00\00\00\10\1C\07\4A\B8\95\E2\55\43\FF\5F\5B").
"""
dashes_count = sid_str.count("-")
sid_numbers_str = sid_str[2:] # Removes the preceding "S-"
sid_number_strings = sid_numbers_str.split("-")
sid_numbers = [int(sid_number_string) for sid_number_string in sid_number_strings]
sid_byte_array_str = unsigned_number_to_slashed_byte_array_string(sid_numbers[0], True, 2)
sid_byte_array_str += unsigned_number_to_slashed_byte_array_string((dashes_count - 2), True, 2)
sid_byte_array_str += unsigned_number_to_slashed_byte_array_string(sid_numbers[1], False, 12)
sid_byte_array_str += unsigned_number_to_slashed_byte_array_string(sid_numbers[2], True, 8)
sid_byte_array_str += unsigned_number_to_slashed_byte_array_string(sid_numbers[3], True, 8)
sid_byte_array_str += unsigned_number_to_slashed_byte_array_string(sid_numbers[4], True, 8)
sid_byte_array_str += unsigned_number_to_slashed_byte_array_string(sid_numbers[5], True, 8)
return sid_byte_array_str
这篇关于从 SID 获取用户名的 Python ldap3 代码的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
